| 摘要 |
<p>Disclosed are an identity authentication system and a method for providing the same, and the system is capable of: increasing security by separating a channel for requesting for identity authentication from a channel for inputting a password required for the identity authentication; and non-repudiation by preventing a man-in-the-middle-attack and a reply attack. A method for providing an identity authentication system, according to one aspect of the present invention, comprises the steps of: receiving, by the identity authentication system, an identity authentication request, which includes a mobile telephone number of a mobile terminal of a user and corresponds to a predetermined service, from a user terminal of the user through a wired/wireless data communication network; transmitting, by the identity authentication system, disposable authentication information corresponding to the identity authentication request to the user terminal; connecting, by the identity authentication system, a telephone call to the mobile terminal by using the mobile telephone number included in the received identity authentication request; receiving, by the identity authentication system, a first password and a second password from the mobile terminal through the telephone call; and providing the service through the user terminal when the first password received from the mobile terminal matches authentication information pre-stored in the identity authentication system and the second password received from the mobile terminal matches the disposable authentication information transmitted to the user terminal.</p> |
